What are the responsibilities and job description for the Vulnerability Operations Engineer position at Delphi-US, LLC - Peacemakers in the Talent War?
| Location: Hybrid (3x on-site) in New York, NY or Charlotte, NC | Contract
This Vulnerability Operations Engineer contract role will operationalize vulnerability management across infrastructure, applications, and cloud environments in a large-scale enterprise setting. You’ll own scanning operations, risk-based prioritization, remediation tracking, and reporting—partnering with engineering teams to reduce exposure to emerging threats, including zero-day risks, while supporting modern application and cloud initiatives.
Key Responsibilities
Delphi-US is a national IT Services firm based in Newport, Rhode Island. Delphi attracts our nation's best and brightest Technical & Professional Talent and positions our nation's finest employers to further their competitive advantages. Delphi's core technical focus includes Data Intelligence Engineering & Analytics, AI/ML Operational Excellence, DevOps & Cloud Computing, Health IT & Life Sciences, and Energy Management/Power Systems; serving domains from sensitive national energy sectors to critical financial services, biomed, life sciences & pharma, major government & municipal institutions, and much of the USA's Fortune 500 corporations. Delphi Associates are deployed on critical IT Projects where their consultative business acumen, comprehensive technical expertise, and committed service mission drives our client's success. Our proprietary skill-based and cultural matching process results in higher qualified project teams, custom curated for our client's specific technical & functional goals. We are supremely experienced, friendly, professional, and ready to advocate on your behalf. Delphi has an indelible understanding of employer expectations, a track record of project success and we deliver lasting results.
6102
This Vulnerability Operations Engineer contract role will operationalize vulnerability management across infrastructure, applications, and cloud environments in a large-scale enterprise setting. You’ll own scanning operations, risk-based prioritization, remediation tracking, and reporting—partnering with engineering teams to reduce exposure to emerging threats, including zero-day risks, while supporting modern application and cloud initiatives.
Key Responsibilities
- Manage and operate enterprise vulnerability management programs across infrastructure, application, and cloud environments.
- Conduct and coordinate vulnerability scanning using Tenable, Qualys, Rapid7, Nexpose, or similar platforms.
- Analyze and prioritize vulnerabilities based on risk, exploitability, and business impact using CVE and CVSS-based context.
- Partner with engineering and infrastructure teams to drive timely remediation and mitigation efforts.
- Track and report vulnerability metrics, SLAs, and remediation progress to stakeholders.
- Perform root cause analysis to identify recurring security gaps and systemic control weaknesses.
- Support patch management processes and validate that remediation activities are effective.
- Integrate vulnerability management workflows into CI/CD pipelines and DevSecOps practices.
- Conduct threat and exposure analysis for emerging vulnerabilities and zero-day risks.
- Improve vulnerability management processes, tooling, and automation to increase coverage and efficiency.
- Support audits and compliance efforts by producing evidence of remediation and risk management.
- Create and maintain operational documentation, including workflows, dashboards, and runbooks.
- 5 years of experience in vulnerability management, security operations, or cybersecurity engineering.
- Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7, Nexpose).
- Strong understanding of CVEs, CVSS scoring, and risk-based vulnerability prioritization.
- Experience managing vulnerabilities across infrastructure, cloud, and application environments.
- Familiarity with patch management processes and remediation validation.
- Experience working with security and IT teams to drive remediation efforts.
- Knowledge of operating systems, networking, and cloud platforms (AWS, Azure, GCP).
- Strong analytical, reporting, and problem-solving skills.
- Strong communication skills to translate technical risks to business stakeholders.
- Experience working in Agile or enterprise-scale environments.
- Ability to work hybrid (3x on-site) in NYC or Charlotte, NC.
- Experience integrating vulnerability management into DevSecOps workflows and CI/CD pipelines.
- Familiarity with container and Kubernetes security scanning tools.
- Knowledge of threat intelligence and exploit databases (e.g., NVD, MITRE ATT&CK).
- Experience with automation and scripting (Python, PowerShell, or similar).
- Background in regulated or enterprise-scale environments.
- Exposure to securing environments that include platforms like ChatGPT or other modern application stacks.
- Relevant certifications (e.g., Security , CEH, CISSP, GIAC, or similar).
Delphi-US is a national IT Services firm based in Newport, Rhode Island. Delphi attracts our nation's best and brightest Technical & Professional Talent and positions our nation's finest employers to further their competitive advantages. Delphi's core technical focus includes Data Intelligence Engineering & Analytics, AI/ML Operational Excellence, DevOps & Cloud Computing, Health IT & Life Sciences, and Energy Management/Power Systems; serving domains from sensitive national energy sectors to critical financial services, biomed, life sciences & pharma, major government & municipal institutions, and much of the USA's Fortune 500 corporations. Delphi Associates are deployed on critical IT Projects where their consultative business acumen, comprehensive technical expertise, and committed service mission drives our client's success. Our proprietary skill-based and cultural matching process results in higher qualified project teams, custom curated for our client's specific technical & functional goals. We are supremely experienced, friendly, professional, and ready to advocate on your behalf. Delphi has an indelible understanding of employer expectations, a track record of project success and we deliver lasting results.
6102